Attackers Exploit Unpatched Windows XML Flaw

Charles Ripley, BrandPost

Hopefully you’ve applied all of the updates and fixes from Microsoft’s Patch Tuesday by now. But, have you also implemented the workarounds Microsoft published? If not, your system could end up compromised.

While organizations and individuals were busy with the Patch Tuesday security bulletins, Microsoft also released an out-of-band security advisory for a flaw in Microsoft XML Core Services that can allow an attacker to gain control of a vulnerable system from across the Internet. The vulnerability affects all supported versions of Windows, and all supported versions of Office 2003 and Office 2007.

In the security advisory, Microsoft spells out some mitigating factors that may reduce the risk this vulnerability poses for a PC. The flaw can be exploited just by loading a malicious Web page, but there’s no way an attacker can force a user to do so. The attacker has to craft the malicious site, and then convince victims to visit the website somehow in order to compromise their systems.


Patch Now--Internet Explorer Flaw Under Attack

Charles Ripley, BrandPost

Have you applied Microsoft’s fixes and updates from the June Patch Tuesday yet? If not, you’re asking for trouble because a vulnerability that was already addressed by Microsoft is being actively exploited in the wild.

Microsoft security bulletin MS12-037 was this month’s cumulative update for Internet Explorer. It is rated as Critical, and addresses 14 separate vulnerabilities that affect every supported version of Internet Explorer in some way.

One vulnerability in particular is more urgent than the rest, though. There are multiple attacks circulating online that target CVE-2012-1875.


Why Convenience Is the Enemy of Security

Convenience or security: pick one. It’s actually not that cut and dried, but it is a sliding scale that requires finding the right balance between the two. Tools that make your life more convenient also tend to make it less secure. Technologies that make you more secure are also generally inconvenient.

Think about your house. It would be convenient if the door didn’t even exist and you could just walk in. But, you also want some privacy and you want to prevent roaming animals and random strangers from entering, so you have a door. Of course, other people can also open the door, so you have to go a step further and put a lock on the door. Now your home is more secure, but you have to unlock and open the door in order to enter.

That seems like an acceptable balance. It has been embraced as a societal norm, and nobody really stops to think or complain about the “inconvenience” of closing and locking the door. We haven’t yet achieved that sense of convenience / security equilibrium in the digital world.


How Do You Guard Against Unknown Threats?

Stuxnet was sort of like a shot heard ‘round the world when it comes to malware. It was the first attack which, for all intents and purposes, was developed with a specific strategic target and national defense objectives in mind. State-sponsored cyber warfare has been suspected for some time, but Stuxnet was the first real indication that it is actually going on.

Then came Duqu, followed by Flame. All three of these malware threats are related in some way, and appear to have similar origins. But, the one thing that seems to stand out for all three is that these threats have been out there circulating on the Internet for years undetected.

The initial assumption by many was that Stuxnet evolved into Duqu, which eventually became Flame. One theory was that once Stuxnet was discovered and reverse-engineered it gave other developers the tools they needed to build on the foundation to create new threats. But, researchers now believe that Flame and Stuxnet were originally developed in parallel, with Stuxnet actually employing a module from the Flame code. That was back in 2009.


Use Social Apps, But Be Careful

Charles Ripley, BrandPost

Social networks have changed the way people use the Internet, and opened up a whole new realm of opportunities to connect with family, friends, and others with similar interests. However, when you combine social networking with check-ins or location-aware features it can be risky.

Skout, an app devoted to finding people nearby to flirt with, has shut down access to minors following three separate reports of sexual assault. In all three cases—which occurred in three different states—male predators posed as teenagers to seek out victims through the social app.

Problems like this are not entirely uncommon, and certainly are not unique to Skout. Apps like Highlight and LocalMind also integrate social networks and location-aware functionality to connect you with people and events near you that might be of interest. Apps like these also have the potential to expose you to unnecessary risk.


Don't Be the Low-Hanging Fruit

Two men are being chased by a bear. One says to the other: “There’s no way you can outrun that bear.” The other man replies, “I don’t have to be faster than the bear. I just have to be faster than you.”

The basic premise of that joke also applies when it comes to computer and Internet security. Cyber attackers are your “bear”, and the fact is you don’t have to have the best security. You just need stronger security than the next guy. In many cases, simply having any protective measures at all makes you a more difficult target and ensures that you aren’t the “low-hanging fruit”.

Criminals in general are typically creatures of opportunity, and likely to take the path of least resistance. A skilled thief might be able to nab a wallet out of the pocket or purse of just about anyone, but given the choice between a person with a wallet in a zipped up purse slung over her shoulder, and a guy with his wallet hanging halfway out of the back pocket of his jeans, the guy in the jeans is much more likely to be the target of choice.


Two Seconds Makes All the Difference

Charles Ripley, BrandPost

Stop for a minute and think about your smartphone or tablet. What sort of accounts and information might be compromised if the device was lost or stolen? Doesn’t it make sense to take steps to protect it?

Your mobile device most likely contains all of your contacts, and calendar information. It has personal photos of your family, friends, and co-workers. It has your email, and apps that connect to your various social networks like Facebook and Twitter.

Ideally, you shouldn’t store your password or logon credentials for any of the apps. But, nobody wants to have to enter their username and password every time they want to use the Facebook app, so odds are pretty good that someone who “finds” your smartphone or tablet would have unfettered access to much of your personal information--and possibly sensitive information about other people you know.
